Subject: login and login.conf
To: None <tech-security@netbsd.org, tech-userlevel@netbsd.org,>
From: Scott Aaron Bamford <sab@zeekuschrist.com>
List: tech-security
Date: 03/10/2000 16:56:21
  by redmail.netbsd.org with SMTP; 10 Mar 2000 16:33:29 -0000
	by mail5.svr.pol.co.uk with esmtp (Exim 3.13 #0)
	id 12TSLZ-0001lN-00; Fri, 10 Mar 2000 16:33:06 +0000
	by blip.fish.poo (8.9.3/8.8.8) with ESMTP id QAA00672;
	Fri, 10 Mar 2000 16:56:22 GMT
Date: Fri, 10 Mar 2000 16:56:21 +0000 (GMT)
From: Scott Aaron Bamford <sab@zeekuschrist.com>
To: tech-security@netbsd.org, tech-userlevel@netbsd.org,
        current-users@netbsd.org
Subject: login and login.conf
In-Reply-To: <Pine.NEB.4.21.0003101644120.635-100000@blip.fish.poo>
Message-ID: <Pine.NEB.4.21.0003101654510.669-100000@blip.fish.poo>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


this is a resend. sorrie if it apears twice.
 
line 454 and 455 in login.c read:

        if (!rootlogin || login_getcapbool(lc, "ignorenologin", 0))
                checknologin(login_getcapstr(lc, "nologin", NULL, NULL));

surely this should read

        if (!rootlogin && !login_getcapbool(lc, "ignorenologin", 0))
                checknologin(login_getcapstr(lc, "nologin", NULL, NULL));

to make the "ignorenologin" cap ignore the /etc/nologin or "nologin" cap
file? 

man 5 login.conf:

     ignorenologin       bool         false      Not affected by nologin
                                                 files.


- Scott

--------------------------------------
sab@zeekuschrist.com  |  sab@ansic.net